News for April 13, 2025

News for April 13, 2025

By I_g_o_r | Some news | 12 Apr 2025


SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections

https://hackread.com/spycloud-endpoint-detection-antivirus-malware-infection/

 

For bitcoin bulls who self-custody crypto, the global risks are growing

https://www.cnbc.com/2025/04/06/bitcoin-self-custody-crypto-risks.html

 

Michael Saylor’s Strategy halts Bitcoin buys despite dip below $87K

https://cointelegraph.com/news/saylor-strategy-skip-bitcoin-buy-87000-drop

 

Xanthorox AI Surfaces on Dark Web as Full Spectrum Hacking Assistant

https://hackread.com/xanthorox-ai-dark-web-full-spectrum-hacking-assistant/

 

E-ZPass toll payment texts return in massive phishing wave

https://www.bleepingcomputer.com/news/security/toll-payment-text-scam-returns-in-massive-phishing-wave/

 

Someone hacked ransomware gang Everest’s leak site

https://techcrunch.com/2025/04/07/someone-hacked-everest-ransomware-gang-dark-web-leak-site/

 

npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers

https://hackread.com/npm-malware-atomic-exodus-wallets-hijack-crypto/

 

Bathwater, Baby, and Silver

https://dailyreckoning.com/bathwater-baby-and-silver-2/

 

How to Launch a Fully Functional Crypto Exchange in 3 Days For Free

https://hackernoon.com/changenow-how-to-launch-a-fully-functional-crypto-exchange-in-3-days-for-free

 

Alleged Scattered Spider SIM-swapper must pay back $13.2M to 59 victims

https://www.theregister.com/2025/04/07/scattered_spider_sim_swap/

 

Protecting Your Business on the Move: A Modern Cybersecurity Guide

https://hackread.com/protecting-business-on-move-cybersecurity-guide/

 

Garry Nolan: Aliens | The Case They’re Already Here

https://www.youtube.com/watch?v=QpJebYW_vb4&t=6094s

 

CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign

https://www.securityweek.com/crm-bulk-email-providers-targeted-in-crypto-phishing-campaign/

 

Neptune RAT Variant Spreads via YouTube to Steal Windows Passwords

https://hackread.com/neptune-rat-variant-youtube-steal-windows-passwords/

 

The Gold Standard Is Back - Stablecoins Need To Rethink What 'Backing' Really Means

https://www.zerohedge.com/crypto/gold-standard-back-stablecoins-need-rethink-what-backing-really-means

 

Fake Microsoft Office add-in tools push malware via SourceForge

https://www.bleepingcomputer.com/news/security/fake-microsoft-office-add-in-tools-push-malware-via-sourceforge/

 

Tinker WriterDeck OS turns nearly any old laptop into a distraction-free writing machine

https://liliputing.com/tinker-writerdeck-os-turns-nearly-any-old-laptop-into-a-distraction-free-writing-machine/

 

Threat Actors Exploit Toll Payment Services in Widespread Hacking Campaign

https://gbhackers.com/threat-actors-exploit-toll-payment-services/

 

Experts Urgent Warning - Are You Ready?

https://www.youtube.com/watch?v=3fkocpJFzPc

 

Over 90% of WazirX creditors support post-hack restructuring plan

https://cointelegraph.com/news/wazirx-creditors-approve-restructuring-plan-post-hack

 

Six arrested for AI-powered investment scams that stole $20 million

https://www.bleepingcomputer.com/news/security/six-arrested-for-ai-powered-investment-scams-that-stole-20-million/

 

Brothers Behind Rydox Dark Web Market Extradited to US

https://hackread.com/brothers-rydox-dark-web-market-extradited-to-us/

 

Threat Actors Exploit Fake CAPTCHAs and Cloudflare Turnstile to Distribute LegionLoader

https://gbhackers.com/threat-actors-exploit-fake-captchas-and-cloudflare-turnstile/

 

US Companies' Chapter 11 Bankruptcies Jump 20%: Report

https://www.zerohedge.com/personal-finance/us-companies-chapter-11-bankruptcies-jump-20-report

 

Food giant WK Kellogg discloses data breach linked to Clop ransomware

https://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/

 

ANNA PAULINA LUNA, NBC, AND JFK

https://gizadeathstar.com/2025/04/anna-paulina-luna-nbc-and-jfk/

 

HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials

https://hackread.com/hellcat-ransomware-firms-infostealer-stolen-jira-credentials/

 

AI Surpasses Elite Red Teams in Crafting Effective Spear Phishing Attacks

https://gbhackers.com/ai-surpasses-elite-red-teams-in-crafting/

 

Federal Consumer Protection Is Dead. The Fate Of Net Neutrality Warned You It Was Coming

https://www.techdirt.com/2025/04/07/federal-consumer-protection-is-dead-the-fate-of-net-neutrality-warned-you-it-was-coming/

 

Hackers Are Hiding Malware in This Common Image Format—And It’s Working

https://hackernoon.com/hackers-are-hiding-malware-in-this-common-image-formatand-its-working

 

India's 'Frankenstein' Laptop Economy Thrives Against Planned Obsolescence

https://it.slashdot.org/story/25/04/08/1116241/indias-frankenstein-laptop-economy-thrives-against-planned-obsolescence

 

EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher

https://www.bleepingcomputer.com/news/security/encrypthubs-dual-life-cybercriminal-vs-windows-bug-bounty-researcher/

 

The White House Frames the Past by Erasing Parts of It

https://www.nytimes.com/2025/04/05/technology/trump-history-websites.html

 

Over 26,000 Dark Web Discussions Focused on Hacking Financial Organizations

https://gbhackers.com/over-26000-dark-web-discussions-focused/

 

The Financial Kill Switch Has Been Flipped – No More 'Buy the Dip' | E.B. Tucker

https://www.youtube.com/watch?v=AzGOMLiCCco

 

WhatsApp Vulnerability Could Facilitate Remote Code Execution

https://www.securityweek.com/whatsapp-vulnerability-could-facilitate-remote-code-execution/

 

Abracadabra.Finance Suffers $13M Crypto Hack

https://www.linkedin.com/pulse/abracadabra-finance-suffers-13m-crypto-hack-cyberscopeio-aio3f

 

Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet

https://gbhackers.com/hackers-conceal-nfc-carders-behind-apple-pay/

 

Medusa Ransomware Claims NASCAR Breach in Latest Attack

https://hackread.com/medusa-ransomware-claims-nascar-breach-latest-attack/

 

Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment

https://en.yabiladi.com/articles/details/163560/algerian-hackers-leak-sensitive-data.html

 

Phishing kits now vet victims in real-time before stealing credentials

https://www.bleepingcomputer.com/news/security/phishing-kits-now-vet-victims-in-real-time-before-stealing-credentials/

 

Cyber attack on a technology company in the Republic of China

https://mops.twse.com.tw/mops/#/web/t146sb05

 

Cyber attack on a school district in Massachusetts, USA

https://www.heraldnews.com/story/news/2025/04/07/fall-river-schools-network-hacked-security-police-investigating/82983967007/

 

PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware

https://thehackernews.com/2025/04/pipemagic-trojan-exploits-windows-clfs.html

 

Socia media account of the Czech Prime minister hacked

https://www.reuters.com/world/europe/czech-pm-fialas-x-account-attacked-with-fake-posts-2025-04-08/

 

Bitcoin ETFs lose $326M amid ‘evolving’ dynamic with TradFi markets

https://cointelegraph.com/news/btc-etfs-326-bitcoin-evolving-dynamic-tradfi-markets

 

ToddyCat APT Targets ESET Bug to Load Silent Malware

https://www.darkreading.com/vulnerabilities-threats/toddycat-apt-eset-bug-silent-malware

 

Grandoreiro Strikes Again: Geofenced Phishing Attacks Target LATAM

https://hackread.com/grandoreiro-strikes-geofenced-phishing-attacks-latam/

 

ZKasino scammer’s risky Ethereum trade backfires with $27M loss amid market turmoil

https://cryptoslate.com/zkasino-scammers-risky-ethereum-trade-backfires-with-27m-loss-amid-market-turmoil/

 

HollowQuill Malware Targets Government Agencies Globally Through Weaponized PDF Documents

https://gbhackers.com/hollowquill-malware-targets-government-agencies/

 

Police detains Smokeloader malware customers, seizes servers

https://www.bleepingcomputer.com/news/security/police-detains-smokeloader-malware-customers-seizes-servers/

 

The US Treasury’s OCC disclosed an undetected major email breach for over a year

https://securityaffairs.com/176373/data-breach/the-us-treasurys-occ-disclosed-an-undetected-major-email-breach-for-over-a-year.html

 

Hackers Claim Magento Breach via Third-Party, Leak CRM Data of 700K

https://hackread.com/hackers-magento-breach-3rd-party-crm-data-leak/

 

Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings

https://thehackernews.com/2025/04/cryptocurrency-miner-and-clipper.html

 

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days

https://www.securityweek.com/cisa-urges-urgent-patching-for-exploited-centrestack-windows-zero-days/

 

72% of people are worried their data is being misused by the government

https://www.malwarebytes.com/blog/news/2025/04/72-of-people-are-worried-their-data-is-being-misused-by-the-government-and-thats-not-all

 

UnitedHealth is making struggling doctors repay loans issued after last year’s cyberattack

https://www.cnbc.com/2025/04/11/unitedhealth-makes-doctors-repay-loans-issued-after-change-cyberattack.html

 

The Financial Kessler Effect

https://www.zerohedge.com/markets/financial-kessler-effect

 

Laboratory Services Cooperative data breach impacts 1.6 Million People

https://securityaffairs.com/176451/data-breach/laboratory-services-cooperative-data-breach.html

 

Windows Active Directory Vulnerability Enables Unauthorized Privilege Escalation

https://gbhackers.com/windows-active-directory-vulnerability/

 

Music/songs remixed from the 70s, 80s, 90s

https://www.youtube.com/watch?v=wieV81DUZf8

 

Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles

https://cointelegraph.com/news/microsoft-office-extension-packages-hide-malware-replaces-crypto-addresses

 

Oracle says "obsolete servers" hacked, denies cloud breach

https://www.bleepingcomputer.com/news/security/oracle-says-obsolete-servers-hacked-denies-cloud-breach/

 

SaxonQ Demonstrates Applications on a Mobile Quantum Computer, Powered by Quantum Machines Tech

https://thequantuminsider.com/2025/04/09/saxonq-demonstrates-applications-on-a-mobile-quantum-computer-powered-by-quantum-machines-tech/

 

New AkiraBot Abuses OpenAI API to Spam Website Contact Forms

https://hackread.com/akirabot-abuses-openai-api-spam-website-contact-forms/

 

Justice Dept. Disbands Cryptocurrency Enforcement Unit

https://www.nytimes.com/2025/04/08/us/politics/doj-disbands-crypto-unit.html

 

Critical FortiSwitch flaw lets hackers change admin passwords remotely

https://www.bleepingcomputer.com/news/security/critical-fortiswitch-flaw-lets-hackers-change-admin-passwords-remotely/

 

GERMANY WANTS ITS GOLD BACK… AGAIN

https://gizadeathstar.com/2025/04/germany-wants-its-gold-back-again/

 

Whoops: T-Mobile Reveals Names, Real-Time Locations Of Customers’ Kids

https://www.techdirt.com/2025/04/08/whoops-t-mobile-reveals-names-real-time-locations-of-customers-kids/

 

The Dark Side of AI - Weaponized and Out of Control

https://www.youtube.com/watch?v=EWcm-JIr964

 

North Korean Hackers Use Social Engineering and Python Scripts to Execute Stealthy Commands

https://gbhackers.com/north-korean-hackers-use-social-engineering-and-python-scripts/

 

The Crypto Scam You’re Falling For: Low Float, High FDV Tokens Exposed!

https://hackernoon.com/the-crypto-scam-youre-falling-for-low-float-high-fdv-tokens-exposed

 

CCP Spills Beans At Secret Geneva Meeting, Acknowledges Role In US Infrastructure Hacks

https://www.zerohedge.com/technology/ccp-spills-beans-secret-geneva-meeting-acknowledges-role-us-infrastructure-hacks

 

Hacker Claims WooCommerce Data Breach, Selling 4m User Records

https://hackread.com/hacker-claims-woocommerce-data-breach-selling-records/

 

Outage hits Exchange Admin Center, Microsoft 365 apps like Outlook may be down

https://www.neowin.net/news/outage-hits-exchange-admin-center-microsoft-365-apps-like-outlook-may-be-down/

 

Launch of First Amazon Project Kuiper Internet Satellites Is Scrubbed

https://www.nytimes.com/2025/04/09/science/amazon-kuiper-satellite-launch.html

 

AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses

https://gbhackers.com/akirabot-floods-80000-sites-after-outsmarting-captchas/

 

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

https://www.bleepingcomputer.com/news/security/hackers-target-ssrf-bugs-in-ec2-hosted-sites-to-steal-aws-credentials/

 

One Of The Largest Malls In The U.S. Just Defaulted On Its $300 Million Mortgage

https://www.zerohedge.com/markets/one-largest-malls-us-just-defaulted-its-300-million-mortgage

 

SideCopy APT Hackers Impersonate Government Officials to Deploy Open-Source XenoRAT Tool

https://gbhackers.com/sidecopy-apt-hackers-impersonate-government-officials/

 

People are Not Getting Paid

https://www.youtube.com/watch?v=HqQ1uy1Nt0A

 

US lab testing provider exposed health data of 1.6 million people

https://www.bleepingcomputer.com/news/security/us-lab-testing-provider-exposed-health-data-of-16-million-people/

 

A $4.5-million HEX hack shook its staking ecosystem

https://cointelegraph.com/news/hex-whale-hack-psychological-earthquake

 

Sensata Technologies Breached: Ransomware Attack Key Systems

https://gbhackers.com/sensata-technologies-breached/

 

Fintech Founder Charged With Fraud After 'AI' Shopping App Found To Be Powered By Humans in the Philippines

https://yro.slashdot.org/story/25/04/11/0018218/fintech-founder-charged-with-fraud-after-ai-shopping-app-found-to-be-powered-by-humans-in-the-philippines

 

79% Of Olive Oil Is FAKE! How To Test Yours At Home

https://www.youtube.com/watch?v=rhVvkmz-oC4

 

Smokeloader Users Identified and Arrested in Operation Endgame

https://hackread.com/smokeloader-users-identified-arrested-operation-endgame/

 

Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs

https://arstechnica.com/security/2025/04/researcher-uncovers-dozens-of-sketchy-chrome-extensions-with-4-million-installs/

 

Crypto users targeted in SourceForge malware attack via fake Microsoft Office softwares

https://cryptoslate.com/crypto-users-targeted-in-sourceforge-malware-attack-via-fake-microsoft-office-softwares/

 

Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware

https://gbhackers.com/hackers-imitate-google-chrome-install-page-on-google-play/

 

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

https://thehackernews.com/2025/04/fortinet-warns-attackers-retain.html

 

Data BreachesHackers Breach Morocco’s Social Security Database

https://www.securityweek.com/hackers-breach-moroccos-social-security-database/

 

Fed Preps $2T Bailout as Hedge Fund Trade Implodes

https://www.youtube.com/watch?v=PIWwph9vUQg

 

Ransomware attack cost IKEA operator in Eastern Europe $23 million

https://www.bleepingcomputer.com/news/security/ransomware-attack-cost-ikea-operator-in-eastern-europe-23-million/

 

9.0 Magnitude “Bondquake”

https://dailyreckoning.com/9-0-magnitude-bondquake/

 

TROX Stealer Harvests Sensitive Data Including Stored Credit Cards and Browser Credentials

https://gbhackers.com/trox-stealer-harvests-sensitive-data-including-stored-credit-cards/

 

Yanis Varoufakis Explains Trump’s Tariffs

https://www.youtube.com/watch?v=Ax7TtJrEcKQ

 

CONNECTICUT JOINS OTHER STATES IN GOLD BACKED CURRENCY

https://gizadeathstar.com/2025/04/connecticut-joins-other-states-in-gold-backed-currency/

 

Ethical hacker intercepts $2.6M in Morpho Labs exploit

https://cointelegraph.com/news/white-hat-intercepts-2-million-morpho-blue-hack

 

Chinese eCrime Group Targets Users in 120+ Countries to Steal Banking Credentials

https://gbhackers.com/chinese-ecrime-group-targets-users-in-120-countries/

 

BentoML Vulnerability Allows Remote Code Execution on AI Servers

https://hackread.com/bentoml-vulnerability-remote-code-execution-ai-servers/

 

Trump’s 4D Chess: Inside the Mar-a-Lago Accords!

https://www.youtube.com/watch?v=dxCmkJ926PI

 

Western Sydney University discloses security breaches, data leak

https://www.bleepingcomputer.com/news/security/western-sydney-university-discloses-security-breaches-data-leak/

 

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing

https://hackread.com/russia-storm-2372-hit-mfa-bypass-device-code-phishing/

 

Major data breach affects multiple Dutch ministries

https://www.techzine.eu/news/security/130478/major-data-breach-affects-multiple-dutch-ministries-impact-still-unclear/

 

Dangling DNS Attack Allows Hackers to Take Over Organization’s Subdomain

https://gbhackers.com/dangling-dns-attack-allows-hackers/

 

Paper Werewolf Threat Actor Targets Flash Drives With New Malware

https://www.darkreading.com/threat-intelligence/paper-werewolf-targets-flash-drives-new-malware

 

Cyber attack on a fleet management company in Brazil

https://www.cisoadvisor.com.br/ataque-cibernetico-atinge-divisao-da-unidas/

 

Hackers Stole Health Records From 1.6 Million Planned Parenthood Patients

https://lifehacker.com/tech/hackers-stole-health-records-of-millions-of-planned-parenthood-patients?utm_medium=RSS

 

How to Fast-Charge Your Smartphone

https://www.wired.com/story/how-to-fast-charge-your-phone/

 

How the Crypto Industry’s Political Spending Is Paying Off

https://www.nytimes.com/2025/04/12/technology/crypto-congress-financing-lobbying.html

 

Threat Actors Leverage Email Bombing to Evade Security Tools and Conceal Malicious Activity

https://gbhackers.com/threat-actors-leverage-email-bombing-to-evade-security-tools/

 

Scientists Discover New Way to Keep Quantum Spins Coherent for Longer

https://thequantuminsider.com/2025/04/11/scientists-discover-new-way-to-keep-quantum-spins-coherent-for-longer/

 

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

https://securityaffairs.com/176446/hacking/brute-force-login-attempts-on-pan-os-globalprotect.html

 

The US Is Turning a Blind Eye to Crypto Crimes

https://www.wired.com/story/the-us-is-turning-a-blind-eye-to-crypto-crimes/

 

Music Mix Q1 2025

https://www.youtube.com/watch?v=MzGvZ1zUmUI

 

 

P.S. For those who want to have a list of annotations, here is the link to the article on how to do it with ChatGPT and Zapier

https://zapier.com/blog/how-to-use-chatgpt-to-summarize-an-article/

 

Some links:

Get highly discounted domains

Get public DPG for mobile devices

Get free XNO

Get an offline public DPG

Get working memory stimulator

Get post-quantum crypto wallet

Get your passwords and private keys to be prepared for the Q day

How to estimate time for the Q-day, in a simple way?

How do you rate this article?

20


I_g_o_r
I_g_o_r

I am curious about science, technologies and their applications to solving real problems.


Some news
Some news

News on cyber security, data breaches, crypto security, trends, etc. Image of Suzy Hazelwood from pexels.com

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.